Vulnerability Description
ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before 2023.5; ZEDMAIL for Windows before 2023.5; ZED! for Windows, Mac, Linux before 2023.5; ZEDFREE for Windows, Mac, Linux before 2023.5; or ZEDPRO for Windows, Mac, Linux before 2023.5 can be modified by an unauthenticated attacker to include a UNC reference so that it could trigger network access to an attacker-controlled computer when opened by the victim.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Primx | Zed\! | < 2023.5 |
| Primx | Zedmail | < 2023.5 |
| Primx | Zonecentral | < q.2021.2 |
Related Weaknesses (CWE)
References
- https://www.primx.eu/en/bulletins/security-bulletin-23B30931/Vendor Advisory
- https://www.primx.eu/fr/blog/Product
- https://www.primx.eu/en/bulletins/security-bulletin-23B30931/Vendor Advisory
- https://www.primx.eu/fr/blog/Product
FAQ
What is CVE-2023-50440?
CVE-2023-50440 is a vulnerability with a CVSS score of 5.5 (MEDIUM). ZED containers produced by PRIMX ZED! for Windows before Q.2020.3 (ANSSI qualification submission); ZED! for Windows before Q.2021.2 (ANSSI qualification submission); ZONECENTRAL for Windows before Q....
How severe is CVE-2023-50440?
CVE-2023-50440 has been rated MEDIUM with a CVSS base score of 5.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-50440?
Check the references section above for vendor advisories and patch information. Affected products include: Primx Zed\!, Primx Zedmail, Primx Zonecentral.